[CLUE-Tech] groups

[Jed S. Baer]

On Tue, 30 Apr 2002 17:16:04 -0600
Mike Staver <staver at fimble.com> wrote:

> Alright, so I created an accounted called ftpguys, and added it to the 
> group ftpguys.  Then, I made sure the ftp_files directory is owned by 
> ftpguys and so is everything in the directory.  Still no go when I try 
> to ftp in as "boz" and try to upload a file.  Also, I can not touch a 
> file when su'd as boz.  I seriously don't understand how this groups 
> thing works if what I have done thus far doesn't seem to allow people in
> a specific group access to a certain file or directory.  You said the 
> system first pays attention to the user id - well, how do I get it to 
> look past that and at the group?

Uh, so what group is "boz" in? And what do you get doing an "ls -l" on the
target directory?

IIRC, if any part of the permission mask says you have access, you have
access. IOW:

 r-----rwx => "all" has rwx, so it doesn't matter that user/group are more
restricted.

> Matt Gushee wrote:
> 
> >  I have used the following command on a directory:
> >>
> >>chgrp ftpguys /home/ftp_files
> >
> >That affects only the directory. If you want to assign permissions on
> >files in that directory, you need to do
> >
> >  chgrp ftpguys /home/ftp_files/*
> >
> >or if there are subdirectories you also want to work on:
> >
> >  chgrp -R ftpguys /home/ftp_files  # -R for 'recursive'

Well, how 'bout chown -R ftpguys:ftpguys /home/ftp_files

Cuz:

# ls -l references.txt 
-rwxrwxrwx    1 jbaer    users         317 Jan 13 21:25 references.txt
# chgrp httpd references.txt 
# ls -l references.txt 
-rwxrwxrwx    1 jbaer    httpd         317 Jan 13 21:25 references.txt

Bad example maybe, cuz with that mask, it really doesn't matter. But you
see what I mean, eh?

jed
-- 
Fight the CBDTPA: http://www.eff.org/alerts/20020322_eff_cbdtpa_alert.html

"Those who expect to reap the blessings of freedom must, like men,
 undergo the fatigue of supporting it." - Thomas Paine